slackware-10.1, sendmail-8.13.3-i486-2
configured as per default installation, except for
localized local-host-names and virtusertable.

/etc/syslog.conf directs mail.* to /var/log/mail.

for each piece of incoming mail, /var/log/mail shows
two error messages:

[...] forward /home/XXX/.forward: Group writable directory
[...] forward /home/XXX/.forward.xxx: Group writable directory

where 'XXX' is user login and 'xxx' is local hostname
(as per hostname -a).

All user /home/ directories are configure 0711.
Some users have a .forward file and some don't.
No user has a .forward.xxx file.
Where a .forward exists, it is owned by XXX.users with
0644 perms.

In every case, two error messages.
In every case, mail gets deliverd to /var/spool/mail/XXX,
ignoring the .forward when it exists.

Okay: WTF am I missing? WTF does sendmail think is
group writable? How did I manage to screw up something
as simple as sendmail ?

Any relevant clues, tips, pointers, refernces,
solutions and/or jokes would be appreciated.

Thanks!

--
William Hunt, Portland Oregon USA

Le Tue, 20 Sep 2005 09:54:43 -0700, William Hunt a écrit*:

>
> slackware-10.1, sendmail-8.13.3-i486-2
> configured as per default installation, except for
> localized local-host-names and virtusertable.
>
> /etc/syslog.conf directs mail.* to /var/log/mail.
>
> for each piece of incoming mail, /var/log/mail shows
> two error messages:
>
> [...] forward /home/XXX/.forward: Group writable directory
> [...] forward /home/XXX/.forward.xxx: Group writable directory
>
> where 'XXX' is user login and 'xxx' is local hostname
> (as per hostname -a).
>
> All user /home/ directories are configure 0711.
> Some users have a .forward file and some don't.
> No user has a .forward.xxx file.
> Where a .forward exists, it is owned by XXX.users with
> 0644 perms.
>
> In every case, two error messages.
> In every case, mail gets deliverd to /var/spool/mail/XXX,
> ignoring the .forward when it exists.
>
> Okay: WTF am I missing? WTF does sendmail think is
> group writable? How did I manage to screw up something
> as simple as sendmail ?

Maybe you didn't, it's just that sometimes some tools
reinforce their default rules. Oh I can't wait for Sendmail version 10
in heavy cross testing at the time, it'll rock but ...
there gonna be a heavy reading to get prepared ...

Now, you had this puny joke, let's go on the rest of your request :

> Any relevant clues, tips, pointers, refernces,
> solutions and/or jokes would be appreciated.

A reference pointer, no joke, it'll help ;-)

http://www.sendmail.org/secure-install.html

William Hunt wrote:

> for each piece of incoming mail, /var/log/mail shows
> two error messages:
>
> [...] forward /home/XXX/.forward: Group writable directory
> [...] forward /home/XXX/.forward.xxx: Group writable directory
>
> where 'XXX' is user login and 'xxx' is local hostname
> (as per hostname -a).
>
> All user /home/ directories are configure 0711.
> Some users have a .forward file and some don't.
> No user has a .forward.xxx file.
> Where a .forward exists, it is owned by XXX.users with
> 0644 perms.

Sendmail will mutter like this if / or /home are group writable.

Cheers, Eric

On Tue, 20 Sep 2005 19:37:02 +0200, Loki Harfagr wrote:
> Le Tue, 20 Sep 2005 09:54:43 -0700, William Hunt a écrit*:
>> slackware-10.1, sendmail-8.13.3-i486-2
>> configured as per default installation, except for
>> localized local-host-names and virtusertable.
[...]
>> Any relevant clues, tips, pointers, refernces,
>> solutions and/or jokes would be appreciated.
>
> A reference pointer, no joke, it'll help ;-)
>
> http://www.sendmail.org/secure-install.html

you gotta be joking : i hope i don't have to compile from the
sendmail.org source distribution, just to get .forward working :*)


--
William Hunt, Portland Oregon USA

* William Hunt <wjh@prv8.net> writes:

> On Tue, 20 Sep 2005 19:37:02 +0200, Loki Harfagr wrote:
>> A reference pointer, no joke, it'll help ;-)
>>
>> http://www.sendmail.org/secure-install.html

> you gotta be joking : i hope i don't have to compile from the
> sendmail.org source distribution, just to get .forward working :*)

Bah! Compiling and configuring sendmail is a doddle. I've done it
many times.

--
|---<Steve Youngs>---------------<GnuPG KeyID: A94B3003>---|
| Genius - Is the ability to reduce |
| the complicated to the simple |
|----------------------------------<steve@youngs.au.com>---|

On Tue, 20 Sep 2005 20:13:29 +0200, Eric Hameleers wrote:
> William Hunt wrote:
>> for each piece of incoming mail, /var/log/mail shows
>> two error messages:
>> [...] forward /home/XXX/.forward: Group writable directory
>> [...] forward /home/XXX/.forward.xxx: Group writable directory
[...]
>
> Sendmail will mutter like this if / or /home are group writable.

Right.
both / and /home are 0755, user dirs all 0711.
but, (heh-heh) i've got /home mount'd -bind off /mnt/hda4/home,
and /mnt/hda4/home perms were bogus. doh!
chmod 0755 /mnt/hda4/home && echo "FIXED"

Thanks!

>
> Cheers, Eric

--
William Hunt, Portland Oregon USA

On Tue, 20 Sep 2005 22:30:02 +0000, Steve Youngs wrote:
> * William Hunt <wjh@prv8.net> writes:
>> On Tue, 20 Sep 2005 19:37:02 +0200, Loki Harfagr wrote:
>>> A reference pointer, no joke, it'll help ;-)
>>> http://www.sendmail.org/secure-install.html
>
>> you gotta be joking : i hope i don't have to compile from the
>> sendmail.org source distribution, just to get .forward working :*)
>
> Bah! Compiling and configuring sendmail is a doddle. I've done it
> many times.

Sure and me too. :*) but the slackware package has been fine for
me since the first 8.9 or so, and seems to be just fine stil.
the problem here was indeed directory permission, just like the
error message said. compiling from source would never fix that.

besides, i'll get enough misery when i start mucking the m4 again.



--
William Hunt, Portland Oregon USA

* William Hunt <wjh@prv8.net> writes:

> On Tue, 20 Sep 2005 22:30:02 +0000, Steve Youngs wrote:
>> Bah! Compiling and configuring sendmail is a doddle. I've done it
>> many times.

> Sure and me too. :*) but the slackware package has been fine for
> me since the first 8.9 or so, and seems to be just fine stil.

One of the reasons I compile Sendmail is that the Slackware Sendmail
package doesn't talk PostgreSQL, whereas mine does. :-)


--
|---<Steve Youngs>---------------<GnuPG KeyID: A94B3003>---|
| Genius - Is the ability to reduce |
| the complicated to the simple |
|----------------------------------<steve@youngs.au.com>---|

Le Tue, 20 Sep 2005 15:35:04 -0700, William Hunt a écrit*:

> On Tue, 20 Sep 2005 20:13:29 +0200, Eric Hameleers wrote:
>> William Hunt wrote:
>>> for each piece of incoming mail, /var/log/mail shows
>>> two error messages:
>>> [...] forward /home/XXX/.forward: Group writable directory
>>> [...] forward /home/XXX/.forward.xxx: Group writable directory
> [...]
>>
>> Sendmail will mutter like this if / or /home are group writable.
>
> Right.
> both / and /home are 0755, user dirs all 0711.
> but, (heh-heh) i've got /home mount'd -bind off /mnt/hda4/home,
> and /mnt/hda4/home perms were bogus. doh!
> chmod 0755 /mnt/hda4/home && echo "FIXED"

Ah, that's something you may post to the comp.mail.sendmail group
and/or the alias sendmail-YYYY at domain support.sendmail.org
(see http://www.sendmail.org/email-addresses.html)

it may help some other users that could forget to not
only verify the rules for dirs but also the hidden tricks :-)